Deploying PAWs as Part of a Strategy to Limit Credential Theft and Lateral Movement
via YouTube
Overview
Syllabus
Intro
WHEN NOT COMPUTERING...
ATTACK SCENARIO #2
WINDOWS LOGON TYPES
LOCAL SAM DATABASE
ACTIVE DIRECTORY DATABASE
LSA SECRETS
CREDENTIAL MANAGER
WINDOWS CREDENTIAL & AUTH ISSUES
STEALING WINDOWS ACCESS TOKENS
WINDOWS CRED & AUTH ISSUES
INTRODUCING PAWS
ACTIVE DIRECTORY ADMINISTRATIVE TIER MODEL
LOGON RESTRICTIONS
TRADITIONAL SOLUTIONS - JUMP SERVERS
PAW PREREQUISITES
PHASES OF DEPLOYMENT
PAW DEPLOYMENT MODELS
DEPLOY PAW ACTIVE DIRECTORY FRAMEWORK
PAW COMPUTER ACCOUNT GPOs
PAW USER GPOS
PAW GPOS - DENY LOWER TIER LOGON
RESTRICTED ADMIN)
PAW SETUP - PHASE 2
MULTI-FACTOR)
PAW SETUP - PHASE 3 (PROTECTED USERS)
LESSONS LEARNED FROM MY DEPLOYMENT
PAW DEPLOYMENT PAIRS WILL WITH NETWORK SEGMENTATION
NETWORK SEGMENTATION (LAYER3)
FURTHER LIMITING EXPOSURE TO CREDENTIAL THEFT AND LATERAL MOVEMENT
CLOSING
QUESTIONS/CONTACT